Re: [TLS] Additional changes for draft-ietf-tls-iana-registry-updates

Benjamin Kaduk <kaduk@mit.edu> Fri, 23 March 2018 12:58 UTC

Date: Fri, 23 Mar 2018 07:57:59 -0500
From: Benjamin Kaduk <kaduk@mit.edu>
To: "Salz, Rich" <rsalz@akamai.com>
Cc: Sean Turner <sean@sn3rd.com>, Peter Gutmann <pgut001@cs.auckland.ac.nz>, "<tls@ietf.org>" <tls@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/VZvIEVjR4yJPYL4jScD24UeQ1wQ>

On Thu, Mar 22, 2018 at 12:53:22PM +0000, Salz, Rich wrote:
> I am inclined to agree with Peter.  It doesn't quite seem like a registry if the very first time there is a list of things in it, that list is now frozen.
> 
> Why are we closing/reserving all the bits?

Huh?  These are for the old TLS 1.2 separately negotiated Hash and
Signature registries, that have been populated for quite some time.
We need to close them or reserve "all" free values in order to not
conflict with the new TLS 1.3 SignatureScheme registry that uses
combined 16-bit codepoints, but share space on the wire.

Closing the registries does seem to be a better match for our
intended future for these registries, but I am curious if you asked
what the procedure would be on the off chance that we did need to
reopen them for some reason.

-Ben
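
An added illustration of the shared wire space discussed in this message (not part of the original e-mail): each 2-byte entry of a signature_algorithms list is read both as a TLS 1.3 SignatureScheme and as a TLS 1.2 (hash, signature) pair. The tables are subsets of RFC 5246 and RFC 8446; the sample extension body and the function names are constructed for this example.

```python
import struct

# RFC 5246 section 7.4.1.4.1: one-byte TLS 1.2 registries.
HASH = {0: "none", 1: "md5", 2: "sha1", 3: "sha224",
        4: "sha256", 5: "sha384", 6: "sha512"}
SIG = {0: "anonymous", 1: "rsa", 2: "dsa", 3: "ecdsa"}

# RFC 8446 section 4.2.3: subset of the 16-bit TLS 1.3 SignatureScheme values.
SCHEME = {
    0x0401: "rsa_pkcs1_sha256",
    0x0403: "ecdsa_secp256r1_sha256",
    0x0804: "rsa_pss_rsae_sha256",
    0x0807: "ed25519",
}

# Constructed sample: uint16 list length (8) followed by four 2-byte entries.
SAMPLE = bytes.fromhex("00080403080404010807")


def parse_signature_algorithms(body: bytes):
    """Return the 16-bit code points carried in the extension body."""
    if len(body) < 2:
        raise ValueError("truncated list length")
    (n,) = struct.unpack("!H", body[:2])
    if n != len(body) - 2 or n % 2:
        raise ValueError("list length does not match body")
    return [struct.unpack("!H", body[i:i + 2])[0]
            for i in range(2, len(body), 2)]


def both_views(code: int):
    """Interpret one code point under both registries."""
    pair = (HASH.get(code >> 8), SIG.get(code & 0xFF))
    return {"tls13": SCHEME.get(code), "tls12": pair,
            "legacy_pair": None not in pair}


def would_collide(new_hash_id: int):
    """TLS 1.3 schemes that a new HashAlgorithm allocation would shadow."""
    return sorted(name for code, name in SCHEME.items()
                  if code >> 8 == new_hash_id)


if __name__ == "__main__":
    for code in parse_signature_algorithms(SAMPLE):
        print(f"0x{code:04x}", both_views(code))
    print("new hash id 8 would shadow:", would_collide(8))
```
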